search

cisagov / ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines
https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
Creative Commons Zero v1.0 Universal
1.76k stars 228 forks source link

Review and test new Teams setting: control of tenant users joining externally hosted Teams meetings #1320

Open rmoffitt-m opened 2 months ago

rmoffitt-m commented 2 months ago

💡 Summary

Microsoft added a feature in May of 2024 to allow tenant administrators to control whether some users can join externally hosted Teams meetings. Consider adding a policy to check these settings.

The Microsoft roadmap feature related to this issue has ID 187230.

Motivation and context

As per Microsoft, "This capability can be used by the tenant admins to protect potential data exfiltration from specific user groups within their organization."

Implementation notes

Acceptance criteria

How do we know when this work is done?

adhilto commented 2 months ago

See https://github.com/cisagov/ScubaGoggles/blob/main/baselines/meet.md#gwsmeet21v03 for the equivalent GWS baseline policy.